A new Google study asked 231 security experts, defined as those who have at least five years of experience working in or studying computer security, and 294 non-experts what the three most important things they do to protect their security online.

Thirty-two percent of experts considered downloading security updates as the most important thing a user can do, whereas only 2 percent of non-experts believe the same. Non-experts expressed concern about whether they could trust the updates, refused to download updates that came with other undesirable features, or simply just didn’t know why it was needed. The Google study stresses that security updates are “the seatbelts of online security; they make you safer, period,” and are in no way a security risk. Adobe’s Flash often releases security updates once exploits are found, and if users do not update, they are susceptible to online attacks that could allow hackers to take over their entire system.

Both groups considered password management very important to security, but only 24 percent of non-experts use a password manager, compared to 73 percent of experts. One non-expert doesn’t trust password managers because “no one can hack my mind,” but managers like 1Password will generate complex passwords of up to 50 characters while also requiring users to use a “master password,” which users must remember themselves to access their other passwords, a best-of- both-worlds solution.

Twenty-one percent of non-experts consider changing passwords frequently very important, but only 2 percent of experts believe the same. The study stresses that if an attacker is able to get a hold of an old password, he or she can make simple transformations to it and are able to guess the new one 41 percent of the time for an offline attack, and 17 percent within five online attempts, making constantly changing passwords not very effective. Non-experts also delete cookies in hopes of staying secure, another method that more than half of experts consider not helpful at all.

Most of all, 42 percent of non-experts rely on antivirus software to keep themselves safe, compared to only 7 percent of experts. While the software has benefits, experts are concerned that it gives users a false sense of security, since it is not a foolproof solution.